package net.savignano.snotify.jira.gui.rest.profile;

import com.atlassian.jira.util.I18nHelper;
import com.atlassian.jira.util.IOUtil;
import com.atlassian.plugins.rest.common.multipart.FilePart;
import com.atlassian.plugins.rest.common.multipart.MultipartFormParam;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyException;
import java.util.Collection;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import net.savignano.cryptography.enums.ECryptographyType;
import net.savignano.cryptography.enums.EKeySource;
import net.savignano.cryptography.key.pgp.PgpPublicKey;
import net.savignano.cryptography.util.PgpUtil;
import net.savignano.snotify.atlassian.common.EProperty;
import net.savignano.snotify.jira.common.JiraUser;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPException;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKey;
import net.savignano.thirdparty.org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("uploadPgpKey")
/* loaded from: input_file:net/savignano/snotify/jira/gui/rest/profile/PublicPgpKeyUpload.class */
public class PublicPgpKeyUpload extends PublicUserEditing {
    private static final Logger log = LoggerFactory.getLogger(PublicPgpKeyUpload.class);

    @PUT
    @Consumes({"multipart/form-data"})
    public Response upload(@MultipartFormParam("pgp_key") Collection<FilePart> collection, @QueryParam("atl_token") String str, @Context HttpServletRequest httpServletRequest) {
        try {
            if (!getAuthContext().isLoggedInUser()) {
                return createResponse(Response.Status.UNAUTHORIZED, null);
            }
            JiraUser jiraUser = new JiraUser(getAuthContext().getLoggedInUser());
            if (!hasMatchinXsrfToken(str, httpServletRequest.getSession(false))) {
                return createResponse(Response.Status.FORBIDDEN, getI18n().getText("jsd-portal-email-security.error.xsrf.message"));
            }
            if (!isUploadAllowed(ECryptographyType.PGP)) {
                return createResponse(Response.Status.FORBIDDEN, getI18n().getText("jsd-portal-email-security.error.pgp.upload.message.adminForbidden"));
            }
            FilePart filePart = null;
            if (!collection.isEmpty()) {
                filePart = collection.iterator().next();
            }
            if (filePart != null && filePart.getSize() != 0) {
                return setPgpKey(filePart, jiraUser);
            }
            return createResponse(Response.Status.BAD_REQUEST, getI18n().getText("jsd-portal-email-security.error.pgp.upload.message.noFile"));
        } catch (Exception e) {
            log.error("Error while uploading PGP key for user " + ((Object) null) + ". Error message: " + e.getMessage(), e);
            return createResponse(Response.Status.INTERNAL_SERVER_ERROR, getI18n().getText("jsd-portal-email-security.error.pgp.upload.message.generalException"));
        }
    }

    private Response setPgpKey(FilePart filePart, JiraUser jiraUser) {
        try {
            byte[] byteArray = IOUtil.toByteArray(filePart.getInputStream());
            log.debug("Checking PGP key for user: {}", jiraUser.getDisplayName());
            String lowerCase = jiraUser.getEmail().toLowerCase();
            PGPPublicKeyRing keysForEmail = PgpUtil.getKeysForEmail(PgpUtil.loadPublicKeys(new ByteArrayInputStream(byteArray)), lowerCase);
            if (keysForEmail == null) {
                throw new KeyException("Could not find a key ring for email address: " + lowerCase);
            }
            PGPPublicKey key = new PgpPublicKey(keysForEmail, lowerCase).getKey();
            if (key == null) {
                throw new KeyException("Could not find a valid encryption key.");
            }
            log.info("Setting PGP key for user: {}", jiraUser.getDisplayName());
            getUserProps().setBytes(EProperty.EMAIL_PGP_KEY, byteArray, jiraUser);
            getUserProps().setLong(EProperty.EMAIL_PGP_KEY_ID, Long.valueOf(key.getKeyID()), jiraUser);
            getUserProps().setLong(EProperty.EMAIL_PGP_TIME_STAMP, Long.valueOf(System.currentTimeMillis()), jiraUser);
            getUserProps().setEnum(EProperty.EMAIL_PGP_KEY_SOURCE, EKeySource.USER, jiraUser);
            return Response.ok().build();
        } catch (IOException | PGPException e) {
            log.info("Key parsing failed. Error message: " + e.getMessage(), e);
            return createResponse(Response.Status.INTERNAL_SERVER_ERROR, getI18n().getText("email-security-edit-webwork.error-pgp.message", e.getMessage()));
        } catch (KeyException e2) {
            log.info("No valid key found. Error message: " + e2.getMessage(), e2);
            I18nHelper i18n = getI18n();
            StringBuilder sb = new StringBuilder(500);
            sb.append("<p>");
            sb.append(i18n.getText("email-security-edit-webwork.error-keynotfound.message.pre"));
            sb.append("<p><ul>");
            sb.append("<li>");
            sb.append(i18n.getText("email-security-edit-webwork.error-keynotfound.message.list.email"));
            sb.append("</li><li>");
            sb.append(i18n.getText("email-security-edit-webwork.error-keynotfound.message.list.valid"));
            sb.append("</li><li>");
            sb.append(i18n.getText("email-security-edit-webwork.error-keynotfound.message.list.encryption"));
            sb.append("</li><li>");
            sb.append(i18n.getText("email-security-edit-webwork.error-keynotfound.message.list.revoked"));
            sb.append("</li>");
            sb.append("</ul><p>");
            sb.append(i18n.getText("email-security-edit-webwork.error-keynotfound.message.post"));
            sb.append("</p>");
            return createResponse(Response.Status.CONFLICT, sb.toString());
        }
    }
}
